1/* $NetBSD: ipftest.c,v 1.3 2012/02/15 17:55:11 riz Exp $ */ 2 3/* 4 * Copyright (C) 2002-2006 by Darren Reed. 5 * 6 * See the IPFILTER.LICENCE file for details on licencing. 7 */ 8#include "ipf.h" 9#include "ipt.h" 10#include <sys/ioctl.h> 11#include <sys/file.h> 12 13#if !defined(lint) 14static const char sccsid[] = "@(#)ipt.c 1.19 6/3/96 (C) 1993-2000 Darren Reed"; 15static const char rcsid[] = "@(#)Id: ipftest.c,v 1.44.2.14 2008/11/06 21:18:20 darrenr Exp"; 16#endif 17 18extern char *optarg; 19extern struct frentry *ipfilter[2][2]; 20extern struct ipread snoop, etherf, tcpd, pcap, iptext, iphex; 21extern struct ifnet *get_unit __P((char *, int)); 22extern void init_ifp __P((void)); 23extern ipnat_t *natparse __P((char *, int)); 24extern int fr_running; 25extern hostmap_t **ipf_hm_maptable; 26extern hostmap_t *ipf_hm_maplist; 27 28ipfmutex_t ipl_mutex, ipf_authmx, ipf_rw, ipf_stinsert; 29ipfmutex_t ipf_nat_new, ipf_natio, ipf_timeoutlock; 30ipfrwlock_t ipf_mutex, ipf_global, ipf_ipidfrag, ip_poolrw, ipf_frcache; 31ipfrwlock_t ipf_frag, ipf_state, ipf_nat, ipf_natfrag, ipf_auth, ipf_tokens; 32int opts = OPT_DONOTHING; 33int use_inet6 = 0; 34int docksum = 0; 35int pfil_delayed_copy = 0; 36int main __P((int, char *[])); 37int loadrules __P((char *, int)); 38int kmemcpy __P((char *, long, int)); 39int kstrncpy __P((char *, long, int n)); 40void dumpnat __P((void)); 41void dumpstate __P((void)); 42void dumplookups __P((void)); 43void dumpgroups __P((void)); 44void drain_log __P((char *)); 45void fixv4sums __P((mb_t *, ip_t *)); 46 47#if defined(__NetBSD__) || defined(__OpenBSD__) || SOLARIS || \ 48 (_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) || \ 49 defined(__osf__) || defined(linux) 50int ipftestioctl __P((int, ioctlcmd_t, ...)); 51int ipnattestioctl __P((int, ioctlcmd_t, ...)); 52int ipstatetestioctl __P((int, ioctlcmd_t, ...)); 53int ipauthtestioctl __P((int, ioctlcmd_t, ...)); 54int ipscantestioctl __P((int, ioctlcmd_t, ...)); 55int ipsynctestioctl __P((int, ioctlcmd_t, ...)); 56int ipooltestioctl __P((int, ioctlcmd_t, ...)); 57#else 58int ipftestioctl __P((dev_t, ioctlcmd_t, void *)); 59int ipnattestioctl __P((dev_t, ioctlcmd_t, void *)); 60int ipstatetestioctl __P((dev_t, ioctlcmd_t, void *)); 61int ipauthtestioctl __P((dev_t, ioctlcmd_t, void *)); 62int ipsynctestioctl __P((dev_t, ioctlcmd_t, void *)); 63int ipscantestioctl __P((dev_t, ioctlcmd_t, void *)); 64int ipooltestioctl __P((dev_t, ioctlcmd_t, void *)); 65#endif 66 67static ioctlfunc_t iocfunctions[IPL_LOGSIZE] = { ipftestioctl, 68 ipnattestioctl, 69 ipstatetestioctl, 70 ipauthtestioctl, 71 ipsynctestioctl, 72 ipscantestioctl, 73 ipooltestioctl, 74 NULL }; 75 76 77int main(argc,argv) 78int argc; 79char *argv[]; 80{ 81 int fd, i, dir, c, loaded, dump, hlen, eol; 82 char *datain, *iface, *ifname, *logout; 83 struct in_addr sip; 84 struct ifnet *ifp; 85 struct ipread *r; 86 mb_t mb, *m; 87 ip_t *ip; 88 89 m = &mb; 90 dir = 0; 91 dump = 0; 92 hlen = 0; 93 loaded = 0; 94 r = &iptext; 95 iface = NULL; 96 logout = NULL; 97 datain = NULL; 98 sip.s_addr = 0; 99 ifname = "anon0"; 100 101 MUTEX_INIT(&ipf_rw, "ipf rw mutex"); 102 MUTEX_INIT(&ipf_timeoutlock, "ipf timeout lock"); 103 RWLOCK_INIT(&ipf_global, "ipf filter load/unload mutex"); 104 RWLOCK_INIT(&ipf_mutex, "ipf filter rwlock"); 105 RWLOCK_INIT(&ipf_ipidfrag, "ipf IP NAT-Frag rwlock"); 106 RWLOCK_INIT(&ipf_frcache, "ipf filter cache"); 107 RWLOCK_INIT(&ipf_tokens, "ipf token rwlock"); 108 109 initparse(); 110 if (fr_initialise() == -1) 111 abort(); 112 fr_running = 1; 113 114 while ((c = getopt(argc, argv, "6bCdDF:i:I:l:N:P:or:RS:T:vxX")) != -1) 115 switch (c) 116 { 117 case '6' : 118#ifdef USE_INET6 119 use_inet6 = 1; 120#else 121 fprintf(stderr, "IPv6 not supported\n"); 122 exit(1); 123#endif 124 break; 125 case 'b' : 126 opts |= OPT_BRIEF; 127 break; 128 case 'd' : 129 opts |= OPT_DEBUG; 130 break; 131 case 'C' : 132 docksum = 1; 133 break; 134 case 'D' : 135 dump = 1; 136 break; 137 case 'F' : 138 if (strcasecmp(optarg, "pcap") == 0) 139 r = &pcap; 140 else if (strcasecmp(optarg, "etherfind") == 0) 141 r = ðerf; 142 else if (strcasecmp(optarg, "snoop") == 0) 143 r = &snoop; 144 else if (strcasecmp(optarg, "tcpdump") == 0) 145 r = &tcpd; 146 else if (strcasecmp(optarg, "hex") == 0) 147 r = &iphex; 148 else if (strcasecmp(optarg, "text") == 0) 149 r = &iptext; 150 break; 151 case 'i' : 152 datain = optarg; 153 break; 154 case 'I' : 155 ifname = optarg; 156 break; 157 case 'l' : 158 logout = optarg; 159 break; 160 case 'N' : 161 if (ipnat_parsefile(-1, ipnat_addrule, ipnattestioctl, 162 optarg) == -1) 163 return -1; 164 loaded = 1; 165 opts |= OPT_NAT; 166 break; 167 case 'o' : 168 opts |= OPT_SAVEOUT; 169 break; 170 case 'P' : 171 if (ippool_parsefile(-1, optarg, ipooltestioctl) == -1) 172 return -1; 173 loaded = 1; 174 break; 175 case 'r' : 176 if (ipf_parsefile(-1, ipf_addrule, iocfunctions, 177 optarg) == -1) 178 return -1; 179 loaded = 1; 180 break; 181 case 'S' : 182 sip.s_addr = inet_addr(optarg); 183 break; 184 case 'R' : 185 opts |= OPT_NORESOLVE; 186 break; 187 case 'T' : 188 ipf_dotuning(-1, optarg, ipftestioctl); 189 break; 190 case 'v' : 191 opts |= OPT_VERBOSE; 192 break; 193 case 'x' : 194 opts |= OPT_HEX; 195 break; 196 } 197 198 if (loaded == 0) { 199 (void)fprintf(stderr,"no rules loaded\n"); 200 exit(-1); 201 } 202 203 if (opts & OPT_SAVEOUT) 204 init_ifp(); 205 206 if (datain) 207 fd = (*r->r_open)(datain); 208 else 209 fd = (*r->r_open)("-"); 210 211 if (fd < 0) 212 exit(-1); 213 214 ip = MTOD(m, ip_t *); 215 while ((i = (*r->r_readip)(MTOD(m, char *), sizeof(m->mb_buf), 216 &iface, &dir)) > 0) { 217 if ((iface == NULL) || (*iface == '\0')) 218 iface = ifname; 219 ifp = get_unit(iface, IP_V(ip)); 220 if (!use_inet6) { 221 ip->ip_off = ntohs(ip->ip_off); 222 ip->ip_len = ntohs(ip->ip_len); 223 if ((r->r_flags & R_DO_CKSUM) || docksum) 224 fixv4sums(m, ip); 225 hlen = IP_HL(ip) << 2; 226 if (sip.s_addr) 227 dir = !(sip.s_addr == ip->ip_src.s_addr); 228 } 229#ifdef USE_INET6 230 else 231 hlen = sizeof(ip6_t); 232#endif 233 /* ipfr_slowtimer(); */ 234 m = &mb; 235 m->mb_len = i; 236 i = fr_check(ip, hlen, ifp, dir, &m); 237 if ((opts & OPT_NAT) == 0) { 238 switch (i) 239 { 240 case -4 : 241 (void)printf("preauth"); 242 break; 243 case -3 : 244 (void)printf("account"); 245 break; 246 case -2 : 247 (void)printf("auth"); 248 break; 249 case -1 : 250 (void)printf("block"); 251 break; 252 case 0 : 253 (void)printf("pass"); 254 break; 255 case 1 : 256 if (m == NULL) 257 (void)printf("bad-packet"); 258 else 259 (void)printf("nomatch"); 260 break; 261 case 3 : 262 (void)printf("block return-rst"); 263 break; 264 case 4 : 265 (void)printf("block return-icmp"); 266 break; 267 case 5 : 268 (void)printf("block return-icmp-as-dest"); 269 break; 270 default : 271 (void)printf("recognised return %#x\n", i); 272 break; 273 } 274 } else { 275 if (i == -1) { 276 (void)printf("block "); 277 } 278 } 279 280 if (!use_inet6) { 281 ip->ip_off = htons(ip->ip_off); 282 ip->ip_len = htons(ip->ip_len); 283 } 284 285 eol = 0; 286 if (!(opts & OPT_BRIEF)) { 287 putchar(' '); 288 printpacket(ip); 289 printf("--------------"); 290 eol = 1; 291 } else { 292 if (opts & OPT_NAT) { 293 printpacket(ip); 294 eol = 1; 295 } 296 } 297 298 if (dir && (ifp != NULL) && IP_V(ip) && (m != NULL)) 299#if defined(__sgi) && (IRIX < 60500) 300 (*ifp->if_output)(ifp, (void *)m, NULL); 301#else 302# if TRU64 >= 1885 303 (*ifp->if_output)(ifp, (void *)m, NULL, 0, 0); 304# else 305 (*ifp->if_output)(ifp, (void *)m, NULL, 0); 306# endif 307#endif 308 309 /* 310 * Because we have no timers to clear out a state entry, we 311 * do a flush call after every packet. Thus once an entry 312 * is recorded as starting to close (TCP), it will be flushed. 313 * This allows verification that flushing does work and that a 314 * packet arriving late will not match, along with the state 315 * table being empty when state is dumped at the end. 316 */ 317 fr_state_flush(1, 0); 318 319 if (eol == 0) 320 putchar('\n'); 321 dir = 0; 322 if (iface != ifname) { 323 free(iface); 324 iface = ifname; 325 } 326 m = &mb; 327 } 328 329 if (i != 0) 330 fprintf(stderr, "readip failed: %d\n", i); 331 (*r->r_close)(); 332 333 if (logout != NULL) { 334 drain_log(logout); 335 } 336 337 if (dump == 1) { 338 dumpnat(); 339 dumpstate(); 340 dumplookups(); 341 dumpgroups(); 342 } 343 344 fr_deinitialise(); 345 346 return 0; 347} 348 349 350#if defined(__NetBSD__) || defined(__OpenBSD__) || SOLARIS || \ 351 (_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) || \ 352 defined(__osf__) || defined(linux) 353int ipftestioctl(int dev, ioctlcmd_t cmd, ...) 354{ 355 caddr_t data; 356 va_list ap; 357 int i; 358 359 va_start(ap, cmd); 360 data = va_arg(ap, caddr_t); 361 va_end(ap); 362 363 i = iplioctl(IPL_LOGIPF, cmd, data, FWRITE|FREAD); 364 if (opts & OPT_DEBUG) 365 fprintf(stderr, "iplioctl(IPF,%#x,%p) = %d\n", 366 (u_int)cmd, data, i); 367 if (i != 0) { 368 errno = i; 369 return -1; 370 } 371 return 0; 372} 373 374 375int ipnattestioctl(int dev, ioctlcmd_t cmd, ...) 376{ 377 caddr_t data; 378 va_list ap; 379 int i; 380 381 va_start(ap, cmd); 382 data = va_arg(ap, caddr_t); 383 va_end(ap); 384 385 i = iplioctl(IPL_LOGNAT, cmd, data, FWRITE|FREAD); 386 if (opts & OPT_DEBUG) 387 fprintf(stderr, "iplioctl(NAT,%#x,%p) = %d\n", 388 (u_int)cmd, data, i); 389 if (i != 0) { 390 errno = i; 391 return -1; 392 } 393 return 0; 394} 395 396 397int ipstatetestioctl(int dev, ioctlcmd_t cmd, ...) 398{ 399 caddr_t data; 400 va_list ap; 401 int i; 402 403 va_start(ap, cmd); 404 data = va_arg(ap, caddr_t); 405 va_end(ap); 406 407 i = iplioctl(IPL_LOGSTATE, cmd, data, FWRITE|FREAD); 408 if ((opts & OPT_DEBUG) || (i != 0)) 409 fprintf(stderr, "iplioctl(STATE,%#x,%p) = %d\n", 410 (u_int)cmd, data, i); 411 if (i != 0) { 412 errno = i; 413 return -1; 414 } 415 return 0; 416} 417 418 419int ipauthtestioctl(int dev, ioctlcmd_t cmd, ...) 420{ 421 caddr_t data; 422 va_list ap; 423 int i; 424 425 va_start(ap, cmd); 426 data = va_arg(ap, caddr_t); 427 va_end(ap); 428 429 i = iplioctl(IPL_LOGAUTH, cmd, data, FWRITE|FREAD); 430 if ((opts & OPT_DEBUG) || (i != 0)) 431 fprintf(stderr, "iplioctl(AUTH,%#x,%p) = %d\n", 432 (u_int)cmd, data, i); 433 if (i != 0) { 434 errno = i; 435 return -1; 436 } 437 return 0; 438} 439 440 441int ipscantestioctl(int dev, ioctlcmd_t cmd, ...) 442{ 443 caddr_t data; 444 va_list ap; 445 int i; 446 447 va_start(ap, cmd); 448 data = va_arg(ap, caddr_t); 449 va_end(ap); 450 451 i = iplioctl(IPL_LOGSCAN, cmd, data, FWRITE|FREAD); 452 if ((opts & OPT_DEBUG) || (i != 0)) 453 fprintf(stderr, "iplioctl(SCAN,%#x,%p) = %d\n", 454 (u_int)cmd, data, i); 455 if (i != 0) { 456 errno = i; 457 return -1; 458 } 459 return 0; 460} 461 462 463int ipsynctestioctl(int dev, ioctlcmd_t cmd, ...) 464{ 465 caddr_t data; 466 va_list ap; 467 int i; 468 469 va_start(ap, cmd); 470 data = va_arg(ap, caddr_t); 471 va_end(ap); 472 473 i = iplioctl(IPL_LOGSYNC, cmd, data, FWRITE|FREAD); 474 if ((opts & OPT_DEBUG) || (i != 0)) 475 fprintf(stderr, "iplioctl(SYNC,%#x,%p) = %d\n", 476 (u_int)cmd, data, i); 477 if (i != 0) { 478 errno = i; 479 return -1; 480 } 481 return 0; 482} 483 484 485int ipooltestioctl(int dev, ioctlcmd_t cmd, ...) 486{ 487 caddr_t data; 488 va_list ap; 489 int i; 490 491 va_start(ap, cmd); 492 data = va_arg(ap, caddr_t); 493 va_end(ap); 494 495 i = iplioctl(IPL_LOGLOOKUP, cmd, data, FWRITE|FREAD); 496 if ((opts & OPT_DEBUG) || (i != 0)) 497 fprintf(stderr, "iplioctl(POOL,%#x,%p) = %d\n", 498 (u_int)cmd, data, i); 499 if (i != 0) { 500 errno = i; 501 return -1; 502 } 503 return 0; 504} 505#else 506int ipftestioctl(dev, cmd, data) 507dev_t dev; 508ioctlcmd_t cmd; 509void *data; 510{ 511 int i; 512 513 i = iplioctl(IPL_LOGIPF, cmd, data, FWRITE|FREAD); 514 if ((opts & OPT_DEBUG) || (i != 0)) 515 fprintf(stderr, "iplioctl(IPF,%#x,%p) = %d\n", cmd, data, i); 516 if (i != 0) { 517 errno = i; 518 return -1; 519 } 520 return 0; 521} 522 523 524int ipnattestioctl(dev, cmd, data) 525dev_t dev; 526ioctlcmd_t cmd; 527void *data; 528{ 529 int i; 530 531 i = iplioctl(IPL_LOGNAT, cmd, data, FWRITE|FREAD); 532 if ((opts & OPT_DEBUG) || (i != 0)) 533 fprintf(stderr, "iplioctl(NAT,%#x,%p) = %d\n", cmd, data, i); 534 if (i != 0) { 535 errno = i; 536 return -1; 537 } 538 return 0; 539} 540 541 542int ipstatetestioctl(dev, cmd, data) 543dev_t dev; 544ioctlcmd_t cmd; 545void *data; 546{ 547 int i; 548 549 i = iplioctl(IPL_LOGSTATE, cmd, data, FWRITE|FREAD); 550 if ((opts & OPT_DEBUG) || (i != 0)) 551 fprintf(stderr, "iplioctl(STATE,%#x,%p) = %d\n", cmd, data, i); 552 if (i != 0) { 553 errno = i; 554 return -1; 555 } 556 return 0; 557} 558 559 560int ipauthtestioctl(dev, cmd, data) 561dev_t dev; 562ioctlcmd_t cmd; 563void *data; 564{ 565 int i; 566 567 i = iplioctl(IPL_LOGAUTH, cmd, data, FWRITE|FREAD); 568 if ((opts & OPT_DEBUG) || (i != 0)) 569 fprintf(stderr, "iplioctl(AUTH,%#x,%p) = %d\n", cmd, data, i); 570 if (i != 0) { 571 errno = i; 572 return -1; 573 } 574 return 0; 575} 576 577 578int ipsynctestioctl(dev, cmd, data) 579dev_t dev; 580ioctlcmd_t cmd; 581void *data; 582{ 583 int i; 584 585 i = iplioctl(IPL_LOGSYNC, cmd, data, FWRITE|FREAD); 586 if ((opts & OPT_DEBUG) || (i != 0)) 587 fprintf(stderr, "iplioctl(SYNC,%#x,%p) = %d\n", cmd, data, i); 588 if (i != 0) { 589 errno = i; 590 return -1; 591 } 592 return 0; 593} 594 595 596int ipscantestioctl(dev, cmd, data) 597dev_t dev; 598ioctlcmd_t cmd; 599void *data; 600{ 601 int i; 602 603 i = iplioctl(IPL_LOGSCAN, cmd, data, FWRITE|FREAD); 604 if ((opts & OPT_DEBUG) || (i != 0)) 605 fprintf(stderr, "iplioctl(SCAN,%#x,%p) = %d\n", cmd, data, i); 606 if (i != 0) { 607 errno = i; 608 return -1; 609 } 610 return 0; 611} 612 613 614int ipooltestioctl(dev, cmd, data) 615dev_t dev; 616ioctlcmd_t cmd; 617void *data; 618{ 619 int i; 620 621 i = iplioctl(IPL_LOGLOOKUP, cmd, data, FWRITE|FREAD); 622 if (opts & OPT_DEBUG) 623 fprintf(stderr, "iplioctl(POOL,%#x,%p) = %d\n", cmd, data, i); 624 if (i != 0) { 625 errno = i; 626 return -1; 627 } 628 return 0; 629} 630#endif 631 632 633int kmemcpy(addr, offset, size) 634char *addr; 635long offset; 636int size; 637{ 638 bcopy((char *)offset, addr, size); 639 return 0; 640} 641 642 643int kstrncpy(buf, pos, n) 644char *buf; 645long pos; 646int n; 647{ 648 char *ptr; 649 650 ptr = (char *)pos; 651 652 while ((n > 0) && (*buf++ = *ptr++)) 653 ; 654 return 0; 655} 656 657 658/* 659 * Display the built up NAT table rules and mapping entries. 660 */ 661void dumpnat() 662{ 663 hostmap_t *hm; 664 ipnat_t *ipn; 665 nat_t *nat; 666 667 printf("List of active MAP/Redirect filters:\n"); 668 for (ipn = nat_list; ipn != NULL; ipn = ipn->in_next) 669 printnat(ipn, opts & (OPT_DEBUG|OPT_VERBOSE)); 670 printf("\nList of active sessions:\n"); 671 for (nat = nat_instances; nat; nat = nat->nat_next) { 672 printactivenat(nat, opts, 0, 0); 673 if (nat->nat_aps) 674 printaps(nat->nat_aps, opts); 675 } 676 677 printf("\nHostmap table:\n"); 678 for (hm = ipf_hm_maplist; hm != NULL; hm = hm->hm_next) 679 printhostmap(hm, 0); 680} 681 682 683/* 684 * Display the built up state table rules and mapping entries. 685 */ 686void dumpstate() 687{ 688 ipstate_t *ips; 689 690 printf("List of active state sessions:\n"); 691 for (ips = ips_list; ips != NULL; ) 692 ips = printstate(ips, opts & (OPT_DEBUG|OPT_VERBOSE), 693 fr_ticks); 694} 695 696 697void dumplookups() 698{ 699 iphtable_t *iph; 700 ip_pool_t *ipl; 701 int i; 702 703 printf("List of configured pools\n"); 704 for (i = 0; i < IPL_LOGSIZE; i++) 705 for (ipl = ip_pool_list[i]; ipl != NULL; ipl = ipl->ipo_next) 706 printpool(ipl, bcopywrap, NULL, opts); 707 708 printf("List of configured hash tables\n"); 709 for (i = 0; i < IPL_LOGSIZE; i++) 710 for (iph = ipf_htables[i]; iph != NULL; iph = iph->iph_next) 711 printhash(iph, bcopywrap, NULL, opts); 712} 713 714 715void dumpgroups() 716{ 717 frgroup_t *fg; 718 frentry_t *fr; 719 int i; 720 721 printf("List of groups configured (set 0)\n"); 722 for (i = 0; i < IPL_LOGSIZE; i++) 723 for (fg = ipfgroups[i][0]; fg != NULL; fg = fg->fg_next) { 724 printf("Dev.%d. Group %s Ref %d Flags %#x\n", 725 i, fg->fg_name, fg->fg_ref, fg->fg_flags); 726 for (fr = fg->fg_start; fr != NULL; fr = fr->fr_next) { 727#ifdef USE_QUAD_T 728 printf("%qu ",(unsigned long long)fr->fr_hits); 729#else 730 printf("%ld ", fr->fr_hits); 731#endif 732 printfr(fr, ipftestioctl); 733 } 734 } 735 736 printf("List of groups configured (set 1)\n"); 737 for (i = 0; i < IPL_LOGSIZE; i++) 738 for (fg = ipfgroups[i][1]; fg != NULL; fg = fg->fg_next) { 739 printf("Dev.%d. Group %s Ref %d Flags %#x\n", 740 i, fg->fg_name, fg->fg_ref, fg->fg_flags); 741 for (fr = fg->fg_start; fr != NULL; fr = fr->fr_next) { 742#ifdef USE_QUAD_T 743 printf("%qu ",(unsigned long long)fr->fr_hits); 744#else 745 printf("%ld ", fr->fr_hits); 746#endif 747 printfr(fr, ipftestioctl); 748 } 749 } 750} 751 752 753void drain_log(filename) 754char *filename; 755{ 756 char buffer[DEFAULT_IPFLOGSIZE]; 757 struct iovec iov; 758 struct uio uio; 759 size_t resid; 760 int fd, i; 761 762 fd = open(filename, O_CREAT|O_TRUNC|O_WRONLY, 0644); 763 if (fd == -1) { 764 perror("drain_log:open"); 765 return; 766 } 767 768 for (i = 0; i <= IPL_LOGMAX; i++) 769 while (1) { 770 bzero((char *)&iov, sizeof(iov)); 771 iov.iov_base = buffer; 772 iov.iov_len = sizeof(buffer); 773 774 bzero((char *)&uio, sizeof(uio)); 775 uio.uio_iov = &iov; 776 uio.uio_iovcnt = 1; 777 uio.uio_resid = iov.iov_len; 778 resid = uio.uio_resid; 779 780 if (ipflog_read(i, &uio) == 0) { 781 /* 782 * If nothing was read then break out. 783 */ 784 if (uio.uio_resid == resid) 785 break; 786 write(fd, buffer, resid - uio.uio_resid); 787 } else 788 break; 789 } 790 791 close(fd); 792} 793 794 795void fixv4sums(m, ip) 796mb_t *m; 797ip_t *ip; 798{ 799 u_char *csump, *hdr; 800 801 ip->ip_sum = 0; 802 ip->ip_sum = ipf_cksum((u_short *)ip, IP_HL(ip) << 2); 803 804 csump = (u_char *)ip; 805 csump += IP_HL(ip) << 2; 806 807 switch (ip->ip_p) 808 { 809 case IPPROTO_TCP : 810 hdr = csump; 811 csump += offsetof(tcphdr_t, th_sum); 812 break; 813 case IPPROTO_UDP : 814 hdr = csump; 815 csump += offsetof(udphdr_t, uh_sum); 816 break; 817 case IPPROTO_ICMP : 818 hdr = csump; 819 csump += offsetof(icmphdr_t, icmp_cksum); 820 break; 821 default : 822 csump = NULL; 823 hdr = NULL; 824 break; 825 } 826 if (hdr != NULL) { 827 *csump = 0; 828 *(u_short *)csump = fr_cksum(m, ip, ip->ip_p, hdr, ip->ip_len); 829 } 830} 831